May 2026
SMART on FHIR patient health dashboard with real EHR data
A patient-facing health dashboard implementing the SMART App Launch Framework, the OAuth2-based authentication standard used by real EHR systems like Epic and Cerner to authorize third-party access to patient data. The application authenticates users through a SMART on FHIR authorization flow using PKCE, retrieves live FHIR R4 resources from a healthcare sandbox, and displays them in a clean dashboard UI.
The backend is built with FastAPI and handles the full SMART on FHIR flow server-side, generating PKCE code verifiers, exchanging authorization codes for access tokens, and proxying authenticated FHIR requests. Access tokens are stored in Redis and never exposed to the browser; the client holds only a signed session cookie. The frontend is built with Next.js and displays four core FHIR R4 resources: Patient, Observation, MedicationRequest, and Condition, with graceful handling for patients with partial data.
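The server-side pattern described above, as an added sketch that is not the project's own code: PKCE S256 generation, a single-use `state` binding, and a signed session cookie that carries only an opaque id. The function names, the in-memory dicts standing in for Redis, the signing key handling and the sample scopes are assumptions.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import urlencode

COOKIE_KEY = secrets.token_bytes(32)  # assumed: per-process key; a real deployment loads it from a secret store
PENDING = {}  # state -> code_verifier (stand-in for Redis)
TOKENS = {}   # session id -> access token (stand-in for Redis)

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def s256_challenge(verifier: str) -> str:
    # RFC 7636: code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def build_authorize_url(authorize_endpoint, client_id, redirect_uri, fhir_base,
                        scope="launch/patient patient/*.read openid fhirUser"):
    verifier = _b64url(secrets.token_bytes(32))  # 43 chars, inside the 43-128 range
    state = secrets.token_urlsafe(24)
    PENDING[state] = verifier  # the verifier never leaves the server
    params = {
        "response_type": "code", "client_id": client_id,
        "redirect_uri": redirect_uri, "scope": scope, "state": state,
        "aud": fhir_base,  # SMART requires the FHIR base URL as the audience
        "code_challenge": s256_challenge(verifier),
        "code_challenge_method": "S256",
    }
    return authorize_endpoint + "?" + urlencode(params), state

def take_verifier(state):
    # Single use: an unknown or replayed state yields None and the callback is rejected.
    return PENDING.pop(state, None)

def _sign(sid: str) -> str:
    return _b64url(hmac.new(COOKIE_KEY, sid.encode(), hashlib.sha256).digest())

def issue_session(access_token: str) -> str:
    sid = secrets.token_urlsafe(24)
    TOKENS[sid] = access_token  # the token stays server-side
    return f"{sid}.{_sign(sid)}"  # the cookie value holds only the id and its MAC

def token_for_cookie(cookie: str):
    sid, _, sig = cookie.partition(".")
    if not hmac.compare_digest(sig.encode(), _sign(sid).encode()):
        return None  # tampered or forged cookie
    return TOKENS.get(sid)
```

In a deployment the cookie would also be set with `HttpOnly`, `Secure` and `SameSite`, and both stores would carry expiries.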
This project was built to demonstrate healthcare domain knowledge alongside full-stack development skills, with a focus on the authentication standards and data formats that underpin real-world EHR integrations.